[Samba] Adding users to dirs, acl
John Drescher
drescherjm at gmail.com
Thu Aug 28 13:46:31 GMT 2008
On Thu, Aug 28, 2008 at 5:51 AM, Keith Sudbury
<keith-lists at netzensolutions.com> wrote:
> I have some users I was to allow access to a dir, I know I will need to
> setup ACL's however when this is done can I add users to dirs like I can in
> windows?
>
Yes, this works for me. Make sure your idmap is working.
Here is what works for me on a test domain called YOUR_DOMAIN
[global]
idmap domains = YOUR_DOMAIN TRUSTEDDOMAINS
idmap config YOUR_DOMAIN:backend = nss
idmap config YOUR_DOMAIN:readonly = yes
idmap config TRUSTEDDOMAINS:default = yes
idmap config TRUSTEDDOMAINS:backend = tdb
idmap config TRUSTEDDOMAINS:range = 10000 - 50000
idmap alloc backend = tdb
idmap alloc config:range = 10000 - 50000
BTW, I am using ldap with this PDC
[global]
add user script = /usr/sbin/smbldap-useradd -m "%u"
delete user script = /usr/sbin/userdel -r "%u"
add group script = /usr/sbin/smbldap-groupadd -p "%g"
delete group script = /usr/sbin/groupdel "%g"
add user to group script = /usr/sbin/smbldap-groupmod -m "%u" "%g"
delete user from group script = /usr/sbin/smbldap-groupmod -x "%u" "%g"
set primary group script = /usr/sbin/smbldap-usermod -g "%g" "%u"
add machine script = /usr/sbin/smbldap-useradd -w "%u"
ldap admin dn = cn=Manager,dc=example,dc=net
ldap delete dn = Yes
ldap group suffix = ou=Groups
ldap idmap suffix = ou=Idmap
ldap machine suffix = ou=Computers
ldap suffix = dc=example,dc=net
ldap ssl = no
ldap user suffix = ou=Users
ldapsam:trusted = yes
ldapsam:editposix = yes
John
More information about the samba
mailing list